Daily NCSC-FI news followup 2021-06-10

Minister Harakka: Investing in the information security and data protection of critical sectors is an investment in the future

www.lvm.fi/-/ministeri-harakka-panostus-kriittisten-toimialojen-tietoturvaan-ja-tietosuojaan-on-investointi-tulevaisuuteen-1376154 On 10 June 2021 the Finnish Government adopted a resolution setting out measures to improve the level of information security and data protection in sectors critical to society. The policies in the resolution are based on the proposals of a cross-administrative working group that examined the matter.

A giant wave of scams is sweeping Finland: beware of text messages!

www.iltalehti.fi/tietoturva/a/ffdd91fc-4435-4ce8-ab6a-6a47d69bc1d4 The National Cyber Security Centre (Kyberturvallisuuskeskus) is now warning about new scam messages that are probably linked to the same malware. Text messages containing links that may be connected to the Android malware currently in circulation are now being sent from Finnish numbers, the centre says on its Twitter account. See also: https://twitter.com/CERTFI/status/1402586666217480192

BackdoorDiplomacy: Upgrading from Quarian to Turian

www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/ An APT group that we are calling BackdoorDiplomacy, due to the main vertical of its victims, has been targeting Ministries of Foreign Affairs and telecommunication companies in Africa and the Middle East since at least 2017. For initial infection vectors, the group favors exploiting vulnerable internet-exposed devices such as web servers and management interfaces for networking equipment.

Russia accused of hacking Dutch police during MH17 investigation

blog.malwarebytes.com/reports/2021/06/russia-accused-of-hacking-dutch-police-during-mh17-investigation/ Journalists at the Dutch newspaper “De Volkskrant” have reported that the country’s intelligence service, AIVD, discovered in 2017 that Russian hackers had broken into Dutch police systems. The De Volkskrant report is based on knowledge from anonymous sources. The reason behind this act of espionage is thought to be the ongoing MH17 investigation. See also:

therecord.media/russian-hackers-breached-dutch-police-systems-in-2017/

Hackers breach gaming giant Electronic Arts, steal game source code

www.bleepingcomputer.com/news/security/hackers-breach-gaming-giant-electronic-arts-steal-game-source-code/ Hackers have breached the network of gaming giant Electronic Arts (EA) and claim to have stolen roughly 750 GB of data, including game source code and debug tools. EA confirmed the data breach in a statement sent to BleepingComputer saying that this “was not a ransomware attack, that a limited amount of code and related tools were stolen, and we do not expect any impact to our games or our business.” See also:

arstechnica.com/gadgets/2021/06/data-thieving-hackers-strike-again-stealing-ea-source-code-and-police-data/

Hackers can exploit bugs in Samsung pre-installed apps to spy on users

www.bleepingcomputer.com/news/security/hackers-can-exploit-bugs-in-samsung-pre-installed-apps-to-spy-on-users/ Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system. The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company’s bug bounty program.

Ransomware: Meat firm JBS says it paid out $11m after attack

www.zdnet.com/article/ransomware-meat-firm-jbs-says-it-paid-out-11m-after-attack Global meatpacker JBS USA has paid $11 million in Bitcoin to cyberattackers that encrypted its files and disrupted operations in the US and Australia with ransomware, the company has said. JBS USA chief Andre Nogueira confirmed the company had made the payment to the attackers.

Emerging Ransomware Targets Dozens of Businesses Worldwide

thehackernews.com/2021/06/emerging-ransomware-targets-dozens-of.html An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year.

New Chrome 0-Day Bug Under Active Attacks: Update Your Browser ASAP!

thehackernews.com/2021/06/new-chrome-0-day-bug-under-active.html Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered security issues, including a zero-day flaw that it says is being actively exploited in the wild. See also:

therecord.media/google-patches-chrome-zero-day-linked-to-commercial-exploit-company/

Steam Gaming Platform Delivering Malware

threatpost.com/steam-gaming-delivering-malware/166784/ Emerging malware is lurking in Steam profile images. Look out for SteamHide, an emerging loader malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign.

Researchers create an ‘un-hackable’ quantum network over hundreds of kilometers using optical fiber

www.zdnet.com/article/researchers-created-an-un-hackable-quantum-network-over-hundreds-of-kilometers-using-optical-fiber/ Researchers from Toshiba have successfully sent quantum information over 600-kilometer-long optical fibers, creating a new distance record and paving the way for large-scale quantum networks that could be used to exchange information securely between cities and even countries.
